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DETAILED ACTION 

1 . A response was received on 08 November 2007. By this response, Claims 62- 
68 and 71-74 have been amended. Claims 1, 3, 8-15, 24-35, and 60 have been 
canceled. No new claims have been added. Claims 16, 18-23, and 61-74 are currently 
pending in the present application. 

Election/Restrictions 

2. Applicant's election without traverse of Group II, Claims 16, 18-23, and 61-74, in 

j 

the reply filed on 08 November 2007 is acknowledged. 

3. As noted above, Applicant has canceled the nonelected Claims 1, 3, 8-15, 24-35, 
and 60. See also MPEP § 818.02(c) regarding election by optional cancellation of 
claims. 

Response to Arguments 

4. Applicant's arguments filed 30 July 2007 have been fully considered but they are 
not persuasive. 

Claims 16-23 and canceled Claims 36-44 and 50-54 were rejected under 35 
U.S.C. 103(a) as unpatentable over Newcombe, US Patent Application Publication 
2003/01 72269, in view of Chang et al, US Patent 6952781 . 
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Applicant's arguments fail to comply with 37 CFR 1.1 1 1(b) because they amount 
to a general allegation that the claims define a patentable invention without specifically 
pointing out how the language of the claims patentably distinguishes them from the 
references. Specifically, with regard to Claim 16, Applicant alleges that neither 
Newcombe nor Chang discloses storing a portion of client specific data in a second 
cache along with an indication that the data do not correspond to a valid client (see 
pages 31-33 of the present response). Similarly, Applicant alleges that neither 
Newcombe nor Chang discloses similar limitations recited in Claim 61 (pages 34-35 of 
the present response); that neither Newcombe nor Chang discloses similar limitations 
recited in Claim 70 (pages 39-40 of the present response); and that Newcombe does 
not disclose virtually the entirety of Claim 69 (pages 36-38 of the present response). 
However, Applicant provides no evidence in support of these allegations. The Examiner 
notes that portions of both the Newcombe and Chang limitations were relied upon for 
similar limitations that were recited in canceled Claims 17 and 39 (see Newcombe, 
paragraphs 0063-0064, 0025, 0042, and 0047-0048; and Chang, column 4, lines 17-24; 
column 6, lines 2-3 and 47-50), and Applicant has not provided any discussion 
addressing those portions. 

Therefore, for the reasons detailed above, the Examiner maintains the rejection 
as set forth below (or sets forth new grounds of rejection for the new claims as 
appropriate). 
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Drawings 

5. The drawings are objected to because in each of Figures 5, 6, and 7, it is not 
clear that the first two steps in each flow chart (i.e. 505 and 510; 605 and 610; and 705 
and 710 respectively) are performed at different locations, as described in the 
specification. Corrected drawing sheets in compliance with 37 CFR 1.121(d) are 
required in reply to the Office action to avoid abandonment of the application. Any 
amended replacement drawing sheet should include all of the figures appearing on the 
immediate prior version of the sheet, even if only one figure is being amended. The 
figure or figure number of an amended drawing should not be labeled as "amended." If 
a drawing figure is to be canceled, the appropriate figure must be removed from the 
replacement sheet, and where necessary, the remaining figures must be renumbered 
and appropriate changes made to the brief description of the several views of the 
drawings for consistency. Additional replacement sheets may be necessary to show the 
renumbering of the remaining figures. Each drawing sheet submitted after the filing date 
of an application must be labeled in the top margin as either "Replacement Sheet" or 
"New Sheet" pursuant to 37 CFR 1.121(d). If the changes are not accepted by the 
examiner, the applicant will be notified and informed of any required corrective action in 
the next Office action. The objection to the drawings will not be held in abeyance. 
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Specification 

6. Although the informality noted in the previous Office action has been corrected, 
the objection to the disclosure is NOT withdrawn, due to the further issues noted below. 

7. The disclosure is objected to because of the following informalities: 

The specification includes minor typographical and other errors. For example, on 
page 2, paragraph 0003, in the phrase "there are needs to verify user identity and to 
preserve secrecy with respect to information and access to information", it is not clear 
what the phrase "access to information" is intended to be coordinated with. On page 4, 
paragraph 0008, line 6 of the paragraph, it appears that "a" should be inserted between 
"in" and "need". On page 5, paragraph 0009, it is not clear what facilities the phrase 
"such facilities" refers to. On page 1 1 , paragraph 0029, it appears that what are 
referred to as "hash algorithms" are in fact MAC algorithms; the hash algorithms on 
which those MACs are based are MD5 and SHA-1, respectively. Also on page 11, 
paragraph 0029, and elsewhere in the specification, the term "cachekey" is used in line 
14 of the paragraph; however, this term has no common definition and also does not 
appear to be defined in the specification (see also page 17, paragraph 0050; page 20, 
paragraphs 0061 and 0063, and elsewhere). On page 20, paragraph 0061, in the 
phrase "Copies of all client names and keys are all valid principals are stored in the 
cache", there appears to be missing language. On page 20, paragraph 0064, in the 
phrase "the process 500 determines when the client name corresponds to a valid entry", 
it appears that "when" is intended to read "whether". Similarly, on page 21 , paragraph 
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0067, in the phrase "to determine when the client specific data... meet a first threshold", 
it appears that "when" is intended to read "whether". On page 21 , paragraph 0068, in 
the phrase "the query task 535 determines that such matches the data", it is not clear 
what the antecedent of the word "such" is intended to be. On page 23, paragraph 0076, 
in the phrase "the process 600 determines when the primary cache 155 contains an 
entry", it appears that "when" is intended to read "whether". On page 24, paragraph 
0079, it is not clear what the antecedent of either instance of the term "such" is intended 
to be; further, it appears that in the phrase "such do not match", it appears that "do" may 
be intended to read "does" for agreement in number, dependent on what the antecedent 
of "such" is intended to be. On page 27, paragraph 0092, again, in the phrase "the 
process 700 determines when the primary cache 155 contains an entry", it appears that 
"when" is intended to read "whether". On page 28, paragraph 0095, again, it is not clear 
what the antecedent of either instance of the term "such" is intended to be; further, it 
appears that in the phrase "such do not match", it appears that "do" may be intended to 
read "does" for agreement in number, dependent on what the antecedent of "such" is 
intended to be. On page 32, paragraph 01 1 1, in the phrase "the process 700 
determines when the NameHash corresponds to an entry", it appears that "when" is 
intended to read "whether", and on page 33, paragraph 0115, in the phrase "to 
determine when the client specific data meet a first threshold", it again appears that 
"when" is intended to read "whether". On page 33, paragraph 01 16, again, it is not clear 
what the antecedent of either instance of the term "such" is intended to be; further, it 
appears that in the phrase "such do not match", it appears that "do" may be intended to 
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read "does" for agreement in number, dependent on what the antecedent of "such" is 
intended to be. On page 34, paragraph 0121, again, in the phrase "the process 800 
determines when a database entry... was found", it appears that "when" is intended to 
read "whether". 

Appropriate correction is required. The above is not to be considered an 
exhaustive list of errors in the disclosure. The lengthy specification has not been 
checked to the extent necessary to determine the presence of all possible minor errors. 
Applicant's cooperation is requested in correcting any errors of which applicant may 
become aware in the specification. 

Claim Objections 

8. The objection to Claim 8 for informalities is moot in light of the cancellation of the 
claim. 

9. Claims 16, 18, 22, 23, 61, 63, and 68-74 are objected to because of the following 
informalities: 

Claim 16 recites the limitation "to determine that the client specific data meet a 
first threshold" in lines 7-8. It appears that "that" is intended to read "whether" or "if. 
Also, in line 15, it appears that "a second cache memory" may be intended to read "the 
second cache memory" if this is intended to refer to the same second cache memory as 
in line 13. 
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Claim 18 recites the limitation "a second cache memory" in lines 3-4; if this is 
intended to refer to the same second cache memory of Claim 16, it appears that this 
should read "the second cache memory". Claim 18 also recites the limitation "to 
determine when the client specific data meet a second threshold of validity and when 
the client specific data correspond to an identity previously determined to be valid or 
invalid" in lines 4-6. It appears that both instances of the word "when" are intended to 
read "whether". 

Claim 22 recites "a first cache memory" in line 2; it appears that this should read 
"the first cache memory" if this is intended to refer to the same cache memory recited in 
Claim 16. 

Claim 23 recites the limitation "determining when the received current time 
disagrees with another current time" in lines 3-4. It appears that "when" is intended to 
read "whether". The claim also recites "the another current time" in lines 5 and 6; it 
appears that is intended to read "the other current time". 

Claim 61 recites the limitation "a first cache memory" in lines 7-8. It appears that 
this may be intended to refer to the "primary cache memory" recited in line 3. The claim 
also recites the limitation "to determine that the client specific data meet a first 
threshold" in lines 8-9. It appears that "that" is intended to read "whether" or "if. The 
claim further recites the limitation "to determine when the client specific data meet a 
second threshold of validity and when the client specific data correspond to an identity 
previously determined to be valid or invalid" in lines 17-20. It appears that both 
instances of the word "when" are intended to read "whether". Additionally, the claim 
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recites the terms "proceed" in line 11, "terminate" in line 14, "transmit" in line 22, and 
"terminate" in line 25. It is not entirely clear what the subject of these is intended to be, 
although it appears that each of these is intended as another action that the 
authentication server is configured to perform (see line 4). 

Claim 63 recites the limitation "a second cache memory" in line 3; if this is 
intended to refer to the same second cache memory of Claim 61 , it appears that this 
should read "the second cache memory". 

Claim 68 recites the limitation "to determine when the received current time 
disagrees with another current time" in lines 3-4. It appears that "when" is intended to 
read "whether". The claim also recites "the another current time" in lines 6 and 7; it 
appears that is intended to read "the other current time". 

Claim 69 recites "some proof of knowledge" in line 6. It appears that this should 
read simply "proof of knowledge" or "a proof of knowledge" or similar; use of the 
potentially indefinite term "some" should be avoided. The claim also recites the 
limitation "to determine that the client specific data meet a first threshold" in lines 8-9. It 
appears that "that" is intended to read "whether" or "if. 

Claim 70 recites the limitation "a second cache memory" in line 17. It appears 
that this may be intended to read "the second cache memory" if this is intended to refer 
to the same second cache memory as in line 15. 

Claim 71 recites "a second cache memory" in lines 3-4. It appears that this may 
be intended to read "the second cache memory" if this is intended to refer to the same 
second cache memory as in Claim 70. 
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Claim 72 recites "a second cache memory" in line 4. It appears that this may be 
intended to read "the second cache memory" if this is intended to refer to the same 
second cache memory as in Claim 70. 

Claim 73 recites "a second cache memory" in line 4. It appears that this may be 
intended to read "the second cache memory" if this is intended to refer to the same 
second cache memory as in Claim 70. 

Claim 74 recites "a first cache memory" in line 4. It appears that this may be 
intended to read "the first cache memory" if this is intended to refer to the same first 
cache memory as in Claim 70. 

Appropriate correction is required. 

Claim Rejections - 35 USC § 101 

10. The rejection of Claims 29-36 under 35 U.S.C. 101 is moot in light of the 
cancellation of the claims. 

Claim Rejections - 35 USC §112 

1 1 . The following is a quotation of the first paragraph of 35 U.S.C. 112: 

The specification shall contain a written description of the invention, and of the manner and process of 
making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the 
art to which it pertains, or with which it is most nearly connected, to make and use the same and shall 
set forth the best mode contemplated by the inventor of carrying out his invention. 
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12. Claims 62 and 69-74 are rejected under 35 U.S.C. 112, first paragraph, as failing 
to comply with the enablement requirement. The claim(s) contains subject matter which 
was not described in the specification in such a way as to enable one skilled in the art to 
which it pertains, or with which it is most nearly connected, to make and/or use the 
invention. 

A determination of a failure to comply with the enablement requirement is made 
considering the undue experimentation factors set forth in MPEP § 2164.01(a). The 
factors that appear to weigh most heavily in the present application are the amount of 
direction provided by the inventor (MPEP § 2164.03), the existence of working 
examples (MPEP § 2164.02), and the state of the prior art (MPEP § 2164.05(a)). 
Specifically, each of Claims 62 (line 3), 70 (line 9), and 72-74 (line 3 of Claims 72 and 
73; line 2 of Claim 74) recite the term "cachekey". Claim 69 also recites "cashekey" in 
line 1 1 ; it appears that this is intended to refer to the same concept. It appears that the 
term "cachekey" does not have a definition in the art. Further, although the term 
appears several times throughout the present specification (see, for example, page 11, 
paragraph 0029), the term does not appear to have been explicitly defined anywhere in 
the specification, which suggests that there is little direction provided by the inventor. 
The only examples in the specification are extremely vague; the examples merely state 
that various values may be used as a cachekey (for example, page 11, paragraph 
0029). All of the above suggests that the enablement of the description is not 
commensurate in scope with the claims (MPEP § 2164.08) and that undue 
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experimentation would be required to make or use the invention based on the 
disclosure (MPEP § 2164.06). 

Claim 71 is rejected due to its dependence on rejected Claim 70. 

1 3. The following is a quotation of the second paragraph of 35 U.S. C. 1 1 2: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

14. Claims 61-74 are rejected under 35 U.S.C. 1 12, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. 

Claim 61 recites the limitation "the second cache memory" in line 17. There is 
insufficient antecedent basis for this limitation in the claim. 

Claims 62 (line 3), 70 (line 9), and 72-74 (line 3 of Claims 72 and 73, line 2 of 
Claim 74) each recite the term "cachekey". However, this term is not known to have a 
definition in the art, nor is it explicitly defined in the specification. This renders the use 
of the term indefinite. Claim 69 also recites "cashekey" in line 1 1 ; it appears that this 
may also be intended to refer to the same undefined concept. 

Claim 63 recites the limitation "at least some of the client specific data" in line 3. 
The word "some" by definition refers to an indefinite quantity, and therefore does not 
define a clear number or range. 

Claim 69 further recites the limitation "storing the name and the client key in a 
second cache memory along validity/invalidity indicators". The use of the term "along" 
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is generally unclear, as it is not clear how the name and key would be stored along 
indicators. 

Claims not specifically referred to above are rejected due to their dependence on 
a rejected base claim. 

Claim Rejections • 35 USC § 103 

15. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

16. Claims 16, 18-23, and 61-74 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Newcombe, US Patent Application Publication 2003/0172269, in 
view of Chang et al, US Patent 6952781 . 

In reference to Claim 16, Newcombe discloses a process for verification of a 
client authentication request by a server, where the method includes receiving, in the 
server, a client authentication request that includes client specific data (paragraphs 
0025, 0056-0057, 0067); comparing the client specific data to stored data to determine 
whether the client specific data meet a first threshold of validity and proceeding with or 
terminating the procedure based on the determination (paragraphs 0063-0064; one or 
more content servers). However, Newcombe does not explicitly disclose the use of a 
cache memory. 
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Chang discloses a process for verification in which the system uses a cache 
memory (column 4, lines 17-24; column 6, lines 2-3). Chang further discloses that when 
it is determined that the client specific data meet the first threshold of validity, the 
authentication process proceeds (column 4, lines 25-39, where client data must pass 
AAA server before proceeding to network access server); and when it is determined that 
the client specific data do not meet the first threshold of validity, a portion of the client 
specific data is stored in a second cache memory along with an indication that the client 
specific data do not correspond to a valid client (column 4, lines 17-24; column 6, lines 
2-3 and 47-50) and the verification process terminates (column 6, lines 47-50). 
Therefore, it would have been obvious to one of ordinary skill in the art at the time the 
invention was made to modify Newcombe's method of authentication by including a 
cache memory and a first threshold of validity to in order to streamline user validation 
without requiring the user to enter identification a second time (Chang, column 2, lines 
55-63; column 3, lines 8-19). 

In reference to Claim 18, Newcombe and Chang further disclose comparing the 
client specific data with data stored in a second cache memory to determine when the 
client specific data meet a second threshold of validity and when the client specific data 
correspond to an identity previously determined to be valid or invalid (Newcombe, 
paragraphs 0025, 0063-0064; Chang, column 4, lines 17-24; column 6, lines 2-3 and 
47-50); transmitting a request for verification to a database containing client-specific 
data when the client specific data meet the second threshold (Newcombe, paragraphs 
0042, 0059, 0061-0062); and terminating the authentication request when the client 
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specific data correspond to an identity previously determined to be invalid (Chang, 
column 6, lines 47-50). 

In reference to Claim 19, Newcombe and Chang further disclose receiving data 
including one or more of: a name, a NameHash, a truncation of a NameHash, a 
NameKeyHash, a truncation of a NameKeyHash, a TimedNameKeyHash, a truncation 
of a TimedNameKeyHash or a time (Newcombe, paragraphs 0025, 0056-0059, 0065- 
0067). 

In reference to Claims 20 and 21, Newcombe and Chang further disclose 
receiving a TimedNameKeyHash and a current time (Newcombe, paragraphs 0025, 
0056-0059, 0065-0067). 

In reference to Claim 22, Newcombe and Chang further disclose comparing a 
TimedNameKeyHash contained in the authentication request to a function of a stored 
NameKeyHash and a current time (Newcombe, paragraphs 0042, 0059, 0061-0062; 
Chang, column 4, lines 17-24; column 6, lines 2-3). 

In reference to Claim 23, Newcombe and Chang further disclose receiving a 
current time and determining whether the received current time disagrees with another 
current time used by the authentication server, and sending the other current time to an 
originator of the authentication request when the received current time and the other 
current time disagree (Chang, column 7, line 58-column 8, line 2). 

In reference to Claim 61, Newcombe discloses a computer system comprising an 
authentication server and a server coupled to the authentication server (paragraphs 
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0037, 0054, 0063-0064), where the authentication server receives a client 
authentication request including client-specific data (paragraph 0025). However, 
Newcombe does not explicitly disclose a primary cache memory or further specific 
functions of the server as claimed. 

Chang discloses a system including a primary cache memory (column 4, lines 
17-24; column 6, lines 2-3) and where an authentication server compares the client 
specific data to data stored in the primary cache memory to determine whether the 
client specific data meet a first threshold of validity (column 4, lines 25-39); proceeds 
with authentication when it is determined that the client specific data meet the first 
threshold of validity (column 4, lines 25-39); and terminates authentication and denies 
the authentication request when it is determined that the client specific data do not meet 
the first threshold of validity (column 6, lines 47-50). Chang further discloses comparing 
the client specific data with data stored in a second cache memory to determine 
whether the client specific data meet a second threshold of validity and whether the 
client specific data correspond to an identity previously determined to be valid or invalid 
(column 4, lines 17-24; column 6, lines 2-3 and 47-50), transmitting a request for 
verification to a database containing client-specific data when the client specific data 
meet the second threshold, and terminating the authentication request when the client 
specific data correspond to an identity previously determined to be invalid (column 6, 
lines 47-50). Therefore, it would have been obvious to one of ordinary skill in the art at 
the time the invention was made to modify Newcombe's system by including a cache 
memory and a first threshold of validity to in order to streamline user validation without 
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requiring the user to enter identification a second time (Chang, column 2, lines 55-63; 
column 3, lines 8-19). 

In reference to Claim 62, Newcombe and Chang further disclose employing a 
first, plaintext portion of the client-specific data to obtain related encrypted client-specific 
data from the first cache memory (Newcombe, paragraphs 0025, 0056-0059, 0063, 
0065-0067; Chang, column 4, lines 17-24; column 6, lines 2-3). 

In reference to Claim 63, Newcombe and Chang further discloses storing at least 
a portion of the client specific data in a second cache memory along with an indication 
that the client specific data do not correspond to a valid client if it is determined that the 
client specific data do not meet the first threshold (Newcombe, paragraphs 0025, 0042, 
0047-0048; Chang, column 4, lines 17-24; column 6, lines 2-3 and 47-50). 

In reference to Claim 64, Newcombe and Chang further disclose that the 
client-specific data includes a NameKeyHash that is also a function of time (Newcombe, 
paragraphs 0025, 0056-0059, 0065-0067). 

In reference to Claims 65 and 66, Newcombe and Chang further disclose that the 
client-specific data includes a TimedNameKeyHash and a current time (Newcombe, 
paragraphs 0025, 0056-0059, 0065-0067). 

In reference to Claim 67, Newcombe and Chang further disclose that the client 
specific data stored in the first cache memory includes a NameKeyHash, and that the 
authentication server forms a TimedNameKeyHash from the NameKeyHash compares 
the formed TimedNameKeyHash to a portion of the client-specific data (Newcombe, 
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paragraphs 0025, 0056-0059, 0063-0067; Chang, column 4, lines 17-24; column 6, 
lines 2-3). 

In reference to Claim 68, Newcombe and Chang further disclose that the client 
specific data includes a current time, and that the authentication server determines 
whether the received current time disagrees with another current time used by the 
authentication server, and sends the other current time to an originator of the 
authentication request if the received current time and the other current time disagree 
(Chang, column 7, line 58-column 8, line 2). 

In reference to Claim 69, Newcombe discloses a process for verification of a 
client authentication request by a server, where the method includes receiving, in the 
server, a client authentication request that includes client specific data that includes a 
name or hash of the name along with a client key (paragraphs 0025, 0056-0057, 0067); 
comparing the client specific data to stored data to determine whether the client specific 
data meet a first threshold of validity and proceeding with or terminating the procedure 
based on the determination (paragraphs 0063-0064; one or more content servers). 
However, Newcombe does not explicitly disclose the use of a cache memory. 

Chang discloses a process for verification in which the system uses a cache 
memory (column 4, lines 17-24; column 6, lines 2-3). Chang further discloses that when 
it is determined that the client specific data meet the first threshold of validity, the 
authentication process proceeds (column 4, lines 25-39, where the client data must 
pass AAA server before proceeding to network access server); and when it is 
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determined that the client specific data do not meet the first threshold of validity, a 
portion of the client specific data is stored in a second cache memory along with an 
indication that the client specific data do not correspond to a valid client (column 4, lines 
17-24; column 6, lines 2-3 and 47-50) and the verification process terminates (column 6, 
lines 47-50). Therefore, it would have been obvious to one of ordinary skill in the art at 
the time the invention was made to modify Newcombe's method of authentication by 
including a cache memory and a first threshold of validity to in order to streamline user 
validation without requiring the user to enter identification a second time (Chang, 
column 2, lines 55-63; column 3, lines 8-19). 

In reference to Claim 70, Newcombe discloses a process for authenticating a 
user that includes receiving an authentication request including first client specific data 
comprising at least one of a client name and proof of knowledge of a client key 
(paragraphs 0025, 0056-0059, 0065-0067); computing a NameHash using the received 
client name and a random session key (paragraphs 0065-0066); and using data 
corresponding to the NameHash to access data from a server (paragraphs 0063-0067). 
However, Newcombe does not explicitly disclose the use of a cache. 

Chang discloses a process for authentication that uses a cache (column 4, lines 
17-24; column 6, lines 2-3); accessing and comparing data to a first validity threshold 
(column 4, lines 25-39); and storing a portion of the client specific data in a second 
cache memory along with an indication that the client specific data do not correspond to 
a valid client (column 4, lines 17-24; column 6, lines 2-3 and 47-50) and terminating 
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authentication when the first validity threshold data do not match the first client data 
(column 6, lines 47-50). Therefore, it would have been obvious to one of ordinary skill 
in the art at the time the invention was made to modify Newcombe's method of 
authentication by including a cache memory and a first threshold of validity to in order to 
streamline user validation without requiring the user to enter identification a second time 
(Chang, column 2, lines 55-63; column 3, lines 8-19). 

In reference to Claim 71, Newcombe and Chang further disclose storing the 
client key and a CredentiallnvalidFlag in a second cache memory when the first validity 
data do not match the first client data (Newcombe, paragraphs 0063-0065; Chang, 
column 4, lines 17-24; column 6, lines 2-3). 

In reference to Claim 72, Newcombe and Chang further disclose employing the 
client name to access second client validity data from a second cache memory when 
the first validity data do match the first client data (Newcombe, paragraphs 0063-0065; 
Chang, column 4, lines 1 7-24; column 6, lines 2-3). 

In reference to Claim 73, Newcombe and Chang further disclose employing the 
client name to access second client validity data from a second cache memory when 
the first validity data do match the first client data, where the second client validity data 
include a stored copy of a client key (Newcombe, paragraphs 0063-0065; Chang, 
column 4, lines 17-24; column 6, lines 2-3). 

In reference. to Claim 74, Newcombe and Chang further disclose using a 
truncation of the NameHash to access first validity threshold data from a first cache 
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memory (Newcombe, paragraphs 0063, 0065-0067, 0103, 0107; Chang, column 4, lines 
17-39; column 6, lines 2-3). 

Conclusion 

17. The prior art made of record and not relied upon is considered pertinent to 

applicant's disclosure. 

a. Sitaraman et al, US Patent 6668283, discloses a system having primary 
and secondary caches for authentication. 

b. Kou et al, US Patent 721 6236, discloses a system for authentication 
where previously registered clients can be sent notifications of failure of 
verification. 

c. McDaniel et al, US Patent Application Publication 2003/0126464, 
discloses a system having a two level cache for authentication. 

18. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 

§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
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mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Zachary A. Davis whose telephone number is (571) 272- 
3870. The examiner can normally be reached on weekdays 8:30-6:00, alternate 
Fridays off. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel Moise can be reached on (571 ) 272-3865. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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